The bitcoin code that has been inherited from Core is a mess. When I saw that the latest assert was failing at line 5706, the first thing I thought was "Oh my God a file should never be 6000 lines long. That's a sign of undisciplined programmers generating an unreadable mess."

The ProcessMessage function alone is more than 1,300 lines long and there are plenty of other multi-hundred line functions throughout the code. Code in this state is very unpleasant to read and almost impossible to spot bugs in.

What's needed is a proper code review process but the code in its current state is not even suitable for code review because you can't look at a part of the code and understand everything that you need to understand in order to say whether there's a problem.

The only people who have a decent chance at spotting a problem are those who are intimately familiar with the code already - namely the authors. The code deters newcomers because of its complexity.

Stolfi is usually full of it, but occasionally he hits it right on the head:

Quote

Like RBF, CPFP, and fee estimators, SegWit is the typical "incompetent hacker solution": an ugly and faulty hack that is added to the system to pretend to fix some problem that was created exclusively by previous ugly and faulty hacks.

A hard fork solution to the ML bug would be much simpler and could take effect immediately after the fork is activated, which could be as early as two months from now.